Encryption of data at rest

jcurrent · 28 May 2025 21:49

Hi!

I am reading a lot of encryption of data in motion with mTLS, but I am trying to figure out if Confluent server provides support for encryption of data at rest.
Some resources indicate that this has to be done at OS-level by encrypting the disk. (https://youtu.be/nhw6J9N6UIg?t=306)

However, some resources seem to indicate that this feature exists (Manage security in Confluent Platform | Confluent Documentation)

Does Confluent Server provide this feature? or perhaps even E2E-encryption?

if not: are there any best practices regarding encryption at rest with for example LUKS?

/J

mmuehlbeyer · 2 June 2025 18:20

hey @jcurrent

afaik there is no feature for encryption of data at rest buil-in in confluent server.

you could encrypt the volumes where your kafka data resides (with LUKS as you mentioned)

confluent cloud data is encrypted by default

let me know if you further insights

best,
michael

Topic		Replies	Views
Encryption at Rest? Confluent Cloud	1	3380	20 September 2021
Confluent E2E Encryption Accelerator Confluent Cloud	0	2530	22 December 2022
Secure your Cloud-Native Apache Kafka System—an Introduction to Confluent Cloud Security Confluent Cloud	0	3073	10 November 2022
Confluent Kafka Ops	6	3129	2 August 2022
New Confluent blog post: What’s New in Confluent Cloud Security News and Blogs	0	3270	9 November 2020

Encryption of data at rest

Related topics